My first thought is that your login processing page has a <cflocation> tag with the "addtoken" attribute set to yes. If you do, try setting it to no and see if that solves it.
I noticed when the error appears I'm getting a CFID and CFTOKEN added to the end of the URL. When I'm able to login successfully it just takes me straight to index.cfm
There are potentially 4 URLs involved here:
- The URL to which the CFID and CFToken are appended;
- The action page of the login form (Look into the code);
- The page to which the user is sent when the login fails;
- The index.cfm page.
It would be of interest to know whether 1. and 2., or whether 1. and 3., refer to the same page.
I'm kind of a noob to the programming world. What should I be looking for in the code? I'm looked for CFID and CFTOKEN statements, but haven't seen any. Is this someting in the coldfusion admin interface or in the actual program itself? Sorry for the noob questions.
ColdFusion probably added the session tokens automatically. What I meant in 1. was: the URL corresponding to the "404 File Not Found", minus the CFID and CFToken.
1 person found this helpful
We had a similar issue when we converted from cf 9 to cf 10, for us simply setting the add token attribute to NO cleared up the problem for us.